Lead4Pass 1Z0-1067-22 Exam Dumps Real 1Z0-1067-22 Exam Study Guide – Feb 2023
Lead4Pass 1Z0-1067-22 exam dumps (already updated) are here for your study. Lead4Pass provides a real 1Z0-1067-22 exam study guide, real Oracle certification 1Z0-1067-22 exam study guide that helps you to study for the 1Z0-1067-22 exam easily.
We provide the latest 1Z0-1067-22 exam dumps (55 Q&A) https://www.leads4pass.com/1z0-1067-22.html (PDF or VCE format) study guide for you to pass.
Pass the 1Z0-1067-22 Exam By Practicing the Latest 1Z0-1067-22 Exam Study Guide Questions
These questions are from 1Z0-1067-22 free dumps.
Question 1:
You have been asked to ensure that in-transit communication between an Oracle Cloud Infrastructure (OCI) compute instance and an on-premises server (192.168.10.10/32) is encrypted. The instances communicate using HTTP. The OCI Virtual Cloud Network (VCN) is connected to the on-premises network by two separate connections: a Dynamic IPsec VPN tunnel and a FastConnect virtual circuit. No static configuration has been added.
What solution should you recommend? (Choose the best answer.)
A. The instances will communicate by default over IPsec VPN, which ensures data is encrypted in transit.
B. Advertise a 192.168.10.10/32 route over the VPN.
C. Advertise a 192.168.10.10/32 router over the FastConnect.
D. The instances will communicate by default over the FastConnect private virtual circuit, which ensures data is encrypted in transit.
Correct Answer: D
Reference: https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/transitrouting.htm
Question 2:
You have created a group for several auditors. You assign the following policies to the group:
What actions are the auditors allowed to perform within your tenancy? (Choose the best answer.)
A. The Auditors can view resources in the tenancy.
B. Auditors are able to create new instances in the tenancy.
C. The Auditors are able to delete resources in the tenancy.
D. Auditors are able to view all resources in the compartment.
Correct Answer: D
Question 3:
You have a web application running on Oracle Cloud Infrastructure (OCI) that lets users log in with a username and password. You notice that an attacker has tried to use SQL comment “–” to alter the database query, remove the password check and log in as a user. You decide to prevent any future attacks.
Which of the following OCI services or features would you choose to safeguard your application? (Choose the best answer.)
A. Network Security Group
B. Data Safe
C. Web Application Framework (WAF)
D. Vault
Correct Answer: D
Question 4:
One of the compute instances that you have deployed on Oracle Cloud Infrastructure (OCI) is malfunctioning. You have created a console connection to remotely troubleshoot it.
Which two statements about console connections are TRUE? (Choose two.)
A. It is not possible to use VNC console connections to connect to Bare Metal Instances.
B. VNC console connection uses SSH port forwarding to create a secure connection from your local system to the VNC server attached to your instance\’s console.
C. It is not possible to connect the serial console to an instance running Microsoft Windows, however, VNC console connection can be used.
D. For security purposes, the console connection will not let you edit system configuration files.
E. If you do not disconnect from the session, your serial console connection will automatically be terminated after 24 hours.
Correct Answer: BE
Question 5:
You are using the Oracle Cloud Infrastructure Command Line Interface to launch a Linux virtual machine. You enter the following command (with correct values for all parameters): The command fails.
Which is NOT a valid parameter in this command? (Choose the best answer.)
A. –t
B. – –image-id
C. – –shape “andlt;shape_name>”
D. –c
E. – –subnet-id
Correct Answer: A
Question 6:
You have received an email from your manager to provision new resources on Oracle Cloud Infrastructure (OCI). When researching OCI, you determined that you should use OCI Resource Manager. Since this is a task that will be done multiple times for development, testing, and production. You will need to create a command that can be reused.
Which CLI command can be used in this situation? (Choose the best answer.)
A. once resource-manager stack create ––tenancy–id \ ––config-source prod.zip ––variables file://variables.json \ ––display-name Production stack build \ ––description Creating new Production environment
B. once resource-manager stack update ––compartment–id \ ––config-source prod.zip ––variables file://variables.json \ ––display-name “Production stack build” \ ––description Creating new Production environment
C. once resource-manager stack create ––compartment–id \ ––config-source prod.zip ––variables file://variables.json \ ––display-name Production stack build \ ––description Creating new Production environment
D. once resource-manager stack update ––tenancy–id \ ––config-source prod.zip ––variables file://variables.json \ ––display-name “Production stack build” \ ––description Creating new Production environment
Correct Answer: C
Question 7:
You are asked to deploy a new application that has been designed to scale horizontally. The business stakeholders have asked that the application be deployed in us-phoenix-1.
Normal usage requires 2 OCPUs. You expect to have a few spikes during the week, which will require up to 4 OCPUs, and a major usage uptick at the end of each month that will require 8 OCPUs.
What is the most cost-effective approach to implementing a highly available and scalable solution? (Choose the best answer.)
A. Create an instance pool with a VM. Standard 2.2 shape instance configuration. Set up the autoscaling configuration to use 2 availability domains and have a minimum of 2 instances, to handle the weekly spikes and a maximum of 4 instances.
B. Create an instance with 1 OCPU shape. Use the Resize Instance action to scale up to a larger shape when more resources are needed.
C. Create an instance with 1 OCPU shape. Use a CLI script to clone it when more resources are needed.
D. Create an instance pool with a VM. Standard 2.1 shape instance configuration. Set up the autoscaling configuration to use 2 availability domains and have a minimum of 2 instances and a maximum of 8 instances.
Correct Answer: A
Question 8:
You have been asked to set up connectivity between a client\’s on-premises network and Oracle Cloud
Infrastructure (OCI). The requirements are:
Low latency: The applications are financial and require low latency connectivity into OCI.
Consistency: The application isn’t tolerant of performance variation.
Performance: The communications link needs to support up to 1.25 Gbps.
Encryption: The communications link needs to encrypt any data in transit between the on-premises
network and OCI Virtual Cloud Network (VCN).
The client wants to implement the above with as low a cost as possible while meeting all of the
requirements. What should you suggest? (Choose the best answer.)
A. Provision FastConnect with a single private virtual circuit, and run an IPsec VPN tunnel over the top of this virtual circuit.
B. Provision FastConnect with a single public virtual circuit.
C. Provision a site-to-site IPsec VPN between your on-premises network and your virtual cloud network (VCN) using VPN Connect.
D. Provision FastConnect with a single private virtual circuit.
E. Provision FastConnect with a single public virtual circuit and run an IPsec VPN tunnel over the top of this virtual circuit.
Correct Answer: D
Reference: https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/fastconnectoverview.htm
Question 9:
Which two statements about the Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI) are TRUE? (Choose two.)
A. You can run CLI commands from inside OCI Regions only.
B. You can filter CLI output using the JMESPath query option for JSON.
C. The CLI provides an automatic way to connect with instances provisioned on OCI.
D. The CLI allows you to use the Python language to interact with OCI APIs.
E. The CLI provides the same core functionality as the Console, plus additional commands.
Correct Answer: BE
Question 10:
You have a Linux compute instance located in a public subnet in a VCN which hosts a web application. The security list attached to the subnet containing the compute instance has the following stateful ingress rule.
The Route table attached to the Public subnet is shown below. You can establish an SSH connection into the compute instance from the internet. However, you are not able to connect to the web server using your web browser.
Which step will resolve the issue? (Choose the best answer.)
A. In the routeing table, add a rule for your default traffic to be routed to the NAT gateway.
B. In the security list, add an ingress rule for port 80 (HTTP).
C. In the security list, remove the ssh rule.
D. In the routing table, add a rule for your default traffic to be routed to the service gateway.
Correct Answer: D
Question 11:
Your company recently adopted a hybrid cloud architecture which requires them to migrate some of their on-premises web applications to Oracle Cloud Infrastructure (OCI). You created a Terraform template that automatically provisions OCI resources such as compute instances, load balancers, and database instances. After running the stack using the terraform apply command, it successfully launched the compute instances and the load balancer, but it failed to create a new database instance with the following error:
Service error: NotAuthorizedOrNotFound. shape VM.Standard 2.4 not found. http status code: 404
You discovered that the resource quotas assigned to your compartment prevent you from using VM.Standard 2.4 instance shapes are available in your tenancy. You edit the Terraform script and replace the shape with VM.Standard2.2
Which option would you recommend to re-run the terraform command to have required OCI resources provisioned with the least effort? (Choose the best answer.)
A. terraform plan –target=oci_database_db_system.db_system
B. terraform apply –auto-approve
C. terraform refresh –target=oci_database_db_system.db_system
D. terraform apply –target=oci_database_db_system.db_system
Correct Answer: D
Question 12:
You have been monitoring your company\’s applications running in Oracle Cloud Infrastructure (OCI) and noticed that the application is using OCI Traffic Management service. This service uses a traffic steering policy to distribute the DNS traffic based on subnet addresses in a rule set.
Which steering policy is in use in this particular case? (Choose the best answer.)
A. Load Balancing policy
B. Geolocation steering
C. ASN steering policy
D. IP Prefix steering
Correct Answer: C
Reference: https://k21academy.com/1z0-997/traffic-management-in-oci/
Question 13:
Which option contains the essential components of the Oracle Cloud Infrastructure Notifications service? (Choose the best answer.)
A. An ALARM with a name unique across the tenancy, a SUBSCRIPTION, and a METRIC with the measurement of interest.
B. A TOPIC with a name unique across the tenancy, a SUBSCRIPTION, and a MESSAGE where content is published.
C. A TOPIC with a name unique across the compartment, a SUBSCRIPTION, and a MESSAGE where content is published.
D. An ALARM with a name unique across the compartment, a SUBSCRIPTION, and a METRIC with the measurement of interest.
Correct Answer: D
Question 14:
You run a large global application with 90% of customers based in the US and Canada. You want to be able to test a new feature and allow a small percentage of users to access the new version of your application.
What Oracle Cloud Infrastructure Traffic Management steering policy should you utilize? (Choose the best answer.)
A. Load Balancer
B. IP Prefix steering
C. ASN steering
D. Geolocation steering
Correct Answer: D
Reference: https://docs.oracle.com/en-us/iaas/Content/TrafficManagement/Tasks/trafficmanagement.htm
Question 15:
Which two statements are TRUE about Object Storage data security and encryption in Oracle Cloud Infrastructure (OCI)? (Choose two.)
A. Client-side encryption is managed by the customer.
B. Data needs to be decrypted on the client side before retrieving it.
C. OCI Vault Management is used by default to provide data security.
D. All traffic to and from the Object Storage service is encrypted using TLS.
E. A VPN connection to OCI is required to ensure secure data transfer to an object storage bucket.
Correct Answer: AD
Lead4Pass 1Z0-1067-22 exam dumps are the best 1Z0-1067-22 exam study guide, download the latest 1Z0-1067-22 exam dumps https://www.leads4pass.com/1z0-1067-22.html (PDF or VCE format) and easily pass Oracle 1Z0-1067-22 exam.
If you are looking online for a reliable and real 1Z0-1067-22 exam study guide, then Lead4Pass is the place for you.